0 Replies Latest reply on Dec 16, 2008 5:05 AM by Vladislav Ponomarev

    Can not engage WS security

    Vladislav Ponomarev Newbie

      Hi all,
      I have troubles making JBoss 5.0 GA to sign my SOAP messages.
      I have an external web-service on HTTPS hosting. It expects all incoming messages to be singed with BinarySecurityToken element.
      I performed the following steps:
      1. Read http://jbws.dyndns.org/mediawiki/index.php/JAX-WS_User_Guide#WS-Security tutirial.
      2. Put jboss-wsse-client.xml and jboss-wsse-server.xml to WEB-INF of my client web-application. The content was the following:

      <?xml version = "1.0" encoding = "UTF-8"?>
      <jboss-ws-security
       xmlns = "http://www.jboss.com/ws-security/config"
       xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation = "http://www.jboss.com/ws-security/config
       http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
       <key-store-file>WEB-INF/.keystore</key-store-file>
       <key-store-password>123456</key-store-password>
       <trust-store-file>WEB-INF/.truststore</trust-store-file>
       <trust-store-password>123456</trust-store-password>
       <config>
       <sign type = "x509v3" alias = "ec2"></sign>
       <requires>
       <signature></signature>
       </requires>
       </config>
      </jboss-ws-security>
      

      3. Put .keystore and .trustore files in WEB-INF.
      4. Called web-service. The following exception was found in log:
      12:56:19,140 ERROR [HTTPClientInvoker] Error creating SSL Socket Factory for client invoker: Error initializing socket factory SSL context: Can not find truststore url.
      javax.xml.ws.soap.SOAPFaultException: Service was not able to authenticate the request: access credentials are missing
      at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultException(SOAPFaultHelperJAXWS.java:84)
      at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFaultException(SOAP11BindingJAXWS.java:107)
      at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(CommonSOAPBinding.java:577)
      at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:381)
      at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:291)
      at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:170)
      at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:150)
      at $Proxy160.describeImages(Unknown Source)
      at com.amazon.demo.TestCall.doGet(TestCall.java:55)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
      at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
      at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
      at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
      at java.lang.Thread.run(Thread.java:619)

      It seems that security is still turned off.
      Do you guys have any ideas on what I did wrong?
      Thanks.